feat: upgrade to Kube v1.30.6, Istio SMTP fix

This commit is contained in:
Stefan Reimer 2024-10-23 10:55:38 +00:00
parent 29c8fbab68
commit 967d465e6f
7 changed files with 22 additions and 8 deletions

View File

@ -3,9 +3,11 @@ ARG ALPINE_VERSION=3.20
FROM docker.io/alpine:${ALPINE_VERSION} FROM docker.io/alpine:${ALPINE_VERSION}
ARG ALPINE_VERSION ARG ALPINE_VERSION
ARG KUBE_VERSION=1.30.5 ARG KUBE_VERSION=1.30.6
ARG SECRETS_VERSION=4.6.1
ARG VALS_VERSION=0.37.5 ARG SOPS_VERSION="3.9.1"
ARG VALS_VERSION="0.37.6"
ARG HELM_SECRETS_VERSION="4.6.2"
RUN cd /etc/apk/keys && \ RUN cd /etc/apk/keys && \
wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \ wget "https://cdn.zero-downtime.net/alpine/stefan@zero-downtime.net-61bb6bfb.rsa.pub" && \
@ -33,7 +35,7 @@ RUN helm repo add kubezero https://cdn.zero-downtime.net/charts && \
# helm secrets # helm secrets
RUN mkdir -p $(helm env HELM_PLUGINS) && \ RUN mkdir -p $(helm env HELM_PLUGINS) && \
wget -qO - https://github.com/jkroepke/helm-secrets/releases/download/v${SECRETS_VERSION}/helm-secrets.tar.gz | tar -C "$(helm env HELM_PLUGINS)" -xzf- wget -qO - https://github.com/jkroepke/helm-secrets/releases/download/v${HELM_SECRETS_VERSION}/helm-secrets.tar.gz | tar -C "$(helm env HELM_PLUGINS)" -xzf-
# vals # vals
RUN wget -qO - https://github.com/helmfile/vals/releases/download/v${VALS_VERSION}/vals_${VALS_VERSION}_linux_amd64.tar.gz | tar -C /usr/local/bin -xzf- vals RUN wget -qO - https://github.com/helmfile/vals/releases/download/v${VALS_VERSION}/vals_${VALS_VERSION}_linux_amd64.tar.gz | tar -C /usr/local/bin -xzf- vals

View File

@ -45,7 +45,8 @@ echo "Applying remaining KubeZero modules..."
control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo" control_plane_upgrade "apply_cert-manager, apply_istio, apply_istio-ingress, apply_istio-private-ingress, apply_logging, apply_metrics, apply_telemetry, apply_argo"
# Final step is to commit the new argocd kubezero app # Final step is to commit the new argocd kubezero app
kubectl get app kubezero -n argocd -o yaml | yq 'del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..)' > $ARGO_APP # remove the del(.spec.source.helm.values) with 1.31
kubectl get app kubezero -n argocd -o yaml | yq 'del(.spec.source.helm.values) | del(.status) | del(.metadata) | del(.operation) | .metadata.name="kubezero" | .metadata.namespace="argocd"' | yq 'sort_keys(..)' > $ARGO_APP
# Trigger backup of upgraded cluster state # Trigger backup of upgraded cluster state
kubectl create job --from=cronjob/kubezero-backup kubezero-backup-$KUBE_VERSION -n kube-system kubectl create job --from=cronjob/kubezero-backup kubezero-backup-$KUBE_VERSION -n kube-system

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubeadm name: kubeadm
description: KubeZero Kubeadm cluster config description: KubeZero Kubeadm cluster config
type: application type: application
version: 1.30.5 version: 1.30.6
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:

View File

@ -19,7 +19,15 @@ spec:
- name: envoy.filters.listener.proxy_protocol - name: envoy.filters.listener.proxy_protocol
typed_config: typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol "@type": type.googleapis.com/envoy.extensions.filters.listener.proxy_protocol.v3.ProxyProtocol
filter_disabled:
destination_port_range:
start: 1025
end: 1026
{{- end }} {{- end }}
- name: envoy.filters.listener.tls_inspector - name: envoy.filters.listener.tls_inspector
typed_config: typed_config:
"@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector "@type": type.googleapis.com/envoy.extensions.filters.listener.tls_inspector.v3.TlsInspector
filter_disabled:
destination_port_range:
start: 1025
end: 1026

View File

@ -204,6 +204,9 @@ aws-efs-csi-driver:
replicaCount: 1 replicaCount: 1
image:
tag: "v2.0.9"
controller: controller:
create: true create: true
logLevel: 2 logLevel: 2

View File

@ -2,7 +2,7 @@ apiVersion: v2
name: kubezero name: kubezero
description: KubeZero - Root App of Apps chart description: KubeZero - Root App of Apps chart
type: application type: application
version: 1.30.5 version: 1.30.6
home: https://kubezero.com home: https://kubezero.com
icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png icon: https://cdn.zero-downtime.net/assets/kubezero/logo-small-64.png
keywords: keywords:

View File

@ -47,7 +47,7 @@ cert-manager:
storage: storage:
enabled: false enabled: false
targetRevision: 0.8.8 targetRevision: 0.8.9
lvm-localpv: lvm-localpv:
enabled: false enabled: false
aws-ebs-csi-driver: aws-ebs-csi-driver: